1. 1
Dr. D.Y.PATIL SCHOOL OF ENGINEERING, PUNE
PRESENTED BY:
Ashar Shaikh
Exam Seat No-S190884211
DEPARTMENT OF COMPUTER ENGINEERING
Ethical
Hacking As A Method To
Enhance Information
Security
UNDER THE GUIDANCE OF:
Prof. Sunil Rathod
2. INDEX
Introduction
Literature Review
Problem Statement
Motivation of Topic
Existing System
System Architecture
Working & Feasibility
Advantages And Disadvantages
Application
Future Scope
Conclusion
Refrences
2
3. Introduction
The immense advancement of Internet has brought large amount of
improvements like electronic commerce, email, easy access to giant depot
of reference material, distance learning facilities, electronic banking.
Calling to the disadvantages, the technical development .
criminal hackers who will furtively steal the organization’s or
administrative data and information to transmit them to the open internet
without privacy. This process is done by black hat hackers.
For the enhancement of Information security ethical hacker teams are
applying the similar techniques and methodologies of a hacker but in a
legal manner without harming the targeted systems or stealing the
information.
3
4. Literature Review(1)
Hacking can be explained as one of the misunderstood major
cyber concepts. The greatest number of individuals think that
hacking as something illegal or evil, but nothing can be farther
from represented truth. It is clear that, hacking may be an actual
threat, but to stop hacking yourself by someone , it is a must for
you to learn hacking techniques.[3]Aman Gupta explained well
about techniques and methods such as Wi-Fi hacking
,penetration testing and DOS attacks with the aim of providing
a better knowledge in hacking methodologies and eventually
preclude your devices or computer from being a target easily
4
5. Literature Review(2)
[10] History of Computing carries all together up on to one
minute coverage about all basic hacking concepts, issues and
terminology , with all skills you have to keep developed in this
field. The research thoroughly cover ups core hacking topics,
such as assessments of vulnerabilities, virus attacks to the sites,
hacking techniques, spyware and its activities, network
defenses, passwords protection and detections, firewalls and its
behavior, intrusion detection and VPN.[2] Ethical Hacking: The
Security Justification Redux is a research with all extensively
and clearly mentioned about art in both attacks and defense.
5
6. Problem Statement
To silence and overcome from the major issues done by
black hat hackers :
What Kind Of Problems Can Be Faced In Cyber Security?
1.System Lockups
2.Security breaches
3.Network/Connection failure
4.Ransomware attacks.
5.IoT attacks.
6.Cloud attacks.
7.Phishing attacks.
8.Blockchain and cryptocurrency attacks.
9.Software vulnerabilities.
6
7. Motivation
Ethical hacking is used to secure important data from
enemies. It works as a safeguard of your computer from
blackmail by the people who want to exploit the
vulnerability. Using ethical hacking, a company or
organization can find out security vulnerability and risks.
Governments use State-sponsored hacking to prevent
intelligence information about influence politics, an enemy
state, etc. Ethical hacking can ensure the safety of the nation
by preventing cyber-terrorism and terrorist attacks.
Hackers can think from an attacker's perspective and find
the potential entry point and fix them before any attacks.
Ethical hacking helps us learn new skills used in many roles
like software developer, risk management, quality assurance
tester, and network defender.
7
8. Existing System
Today, you can find Certified Ethical Hackers working
with some of the finest and largest companies across
industries like healthcare, financial, government, energy
and much more!
Ethical Hacking and its types
What are the types of ethical hacking?
Web application hacking.
Social engineering.
System hacking.
Hacking wireless networks.
Web server hacking.
8
9. Objectives And Scope
Ethical hacking is generally used as penetration testing to
detect vulnerabilities, risk and identify the loopholes in a
security system and to take corrective measures against
those attacks.
Ethical hacking is a key component of risk evaluation,
auditing, and counter-frauds. The scope for the Ethical
Hackers is high and it is one of the rapidly growing careers
at present as many malicious attackers cause a threat to the
business and its networks. Industries like Information
Technology and Banking Sectors hire several Ethical
hackers to protect their data and infrastructure. Also, in the
upcoming days, the demand for this profile is going to be
high compared to other profiles due to an increased threat of
vulnerabilities.
9
11. Working & Feasibility 11
First Phase: Reconnaissance
A hacker should have knowledge well about the hacking target
to do an attack systematically for a system. It is noticeable to
take an overview about the used systems and the network.
The attacker must possess a bundle of information and data
about the target at the end of this phase. A promising attack
path is built up using this all information collected by
reconnaissance phase .
Second Phase: Scanning
During the Scanning phase probe and attack are the two main
processes that are proceed on
Listening is another second phase process. Probe, attack and
listening are the main combinations of Scanning process.
12. Working & Feasibility Study 12
Third Phase: Gaining Access
This is known as first access wherever this phase is not about
the taking of root access only about taking any kind of access
to the system.
maybe it is a user account or root account
Fourth Phase: Maintaining access
This phase is an addition of stealth process and advancement
Sending e-mails to the administrators by faking the certain
well-known users or clients might help in taking expected
information
Fifth Phase: Takeover
Takeover is a process which, once the root access is arrived,
the is considered as winner. Then after onwards it makes
possible for installing any kind of tools
13. Advantages
Following are the advantages of Cyber Security as follows.
This helps to fight against cyber terrorism and to fight
against national security breaches.
This helps to take preventive action against hackers.
This helps to build a system that prevents any kinds of
penetration by hackers.
This offers security to banking and financial
establishments.
This helps to identify and close the open holes in a
computer system or network.
13
14. Disadvantages
Following are the disadvantages of Ethical Hacking as
follows.
This may corrupt the files or data of an organization.
They might use information gained for malicious use.
Subsequently, trustful programmers are expected to have
achievement in this framework.
By hiring such professionals will increase costs to the
company.
This technique can harm someone’s privacy.
This system is illegal.
14
15. Applications
The main application of this is to provide the security on
wireless infrastructure which is the main purpose of present
business organization.
Ethical hacking has become main stream in organizations
which are wishing to test their intellectual and technical
courage against the underworld.
Ethical hacking plays important role in providing security.
Resources are the computer related services that performs
the tasks on behalf of user. In Ethical hacking the resources
are the core services, objects code etc. The ethical hacking
has advantages of gaining access to an organizations
network and information systems.
15
16. Future of Cyber Security
industry experts predict that the global penetration testing
market value will reach US$4.1 billion by 2027, which
paints a bright future for ethical hackers. The Future of
Ethical Hacking Looks Bright
It is the best way to improve skills and knowledge in
communication, collaboration, and customer service.
You can gain an immersive experience in project
management and improve capability in project planning and
quality assurance.
You can play a major role in networking and the internet
security industry.
16
17. Conclusion
I. Cyber security is one of the most important aspects of the
fast-paced growing digital world.
II. The threats of it are hard to deny, so it is crucial to learn
how to defend from them and teach others how to do it
too.
III. Although the need for cybersecurity workers is likely to
continue to be high, it is difficult to forecast with certainty
the number of workers required or the needed mix of
cybersecurity knowledge and skills.
17
18. References
1) Ajinkya A. Farsole, Amurta G. Kashikar and Apurva
Zunzunwala , “Ethical Hacking ” , International journal of
Computer Applications (0975-8887), 2010.
2) Halil Ebrahim, Ihsan, Batmaz, “Wireless Network security
comparison of WEP mechanism, WPA and RSN security
protocols”.
3) J. Danish and A. N. Muhammad, “Is Ethical Hacking
Ethical? “ , International journal of Engineering Science
and Technology, Vol 3 No. 5, pp. 3758-3763, May 2011
4) James Corley, Kent Backman, and Michael “Hands-On
Ethical Hacking and Network Defense”, 2006.
5) R Rafay Baloch, "Ethical Hacking and Penetration Testing
Guide”, 2014.
18